Responsibilities:
Conduct thorough research to identify security weaknesses and vulnerabilities within low-code/ no-code platforms;
Perform in-depth analysis of web and API security, identifying potential threats and developing mitigation strategies;
Collaborate with cross-company teams to proactively address security concerns during the development lifecycle;
Stay up-to-date with the latest industry trends, security threats, and advancements in low-code and no-code technologies;
Develop proof-of-concept exploits, provide recommendations for remediation to affected vendors, and create detections in the company`s platform;
Contribute to the development of security guidelines, best practices, and standards tailored for low-code and no-code platforms;
Collaborate with external security researchers and organizations to enhance the overall security posture of the low-code/no-code landscape;
Perform publishable research and share it via blog posts, conference talks and meet-ups.
Relevant professional and/or academic education:
Bachelors or Masters degree in Computer Science, Information Security, or a related field;
Relevant military courses;
Other relevant formal training.
Minimum of 5 years of experience in the field of security research, with at least 3 of them with focus on cloud, web and/or API security.
Proficiency in programming languages commonly used in web development (e.g., JavaScript, Python, Java).
Experience working with cloud environments and understanding of cloud security best practices.
Strong knowledge of security principles, protocols, and best practices.
Excellent problem-solving skills and ability to think creatively.
Self-driven and able to work independently, with a proactive attitude towards continuous learning and self-study (others will need to corroborate this).
